Raspberry Pi as a DNS/DHCP server

Recently I decided to use a raspberry pi as my DHCP/DNS server.  My router provided some DHCP functionalities which have been been good enough so far, but now I needed control over DNS functionality as well.  This is a great opportunity to set up a raspberry pi with dnsmasq!

For this, I am using a Raspberry Pi 2 + 32GB microsd card.  I used etcher to flash Raspbian Stretch Lite(2017-11-29) image.

It automatically resized the file system to fit and then rebooted, then I went in to update a few settings;

pi@raspberrypi:~ $ sudo raspi-config
  • Change User Password – this is self-explanatory.
  • Localisation Options – Change Locale – en_US.UTF-8 – en_US.UTF-8
  • Localisation Options – Change Timezone – US – Eastern
  • Localisation Options – Change Keyboard layout – Generic 104-key PC – English (US) – English (US) – No AltGr – No compose
  • Finish
  • I also changed the name of the raspberry pi 2 as dnsserver (in /etc/hostname and /etc/hosts)

I’ve changed the default password and also set the locale to US, which will make sure my keyboard mappings are correct.

Assign static IP

The raspberry pi, now called dnsserver, needs a static IP address.  This is done by modifying the /etc/dhcpcd.conf file;

pi@raspberrypi:~ $ sudo nano /etc/dhcpcd.conf

and then the following lines were added at the bottom;

interface eth0
static ip_address=192.168.1.2/24
static routers=192.168.1.1
static domain_name_servers=192.168.1.1

Save and then reboot.

At this point, the raspberry pi device should return the IP(in this case, 192.168.1.2) and it should be able to access the internet.

Now we can begin.

Install dnsmasq

pi@raspberrypi:~ $ sudo apt install dnsmasq

once that is set, the following is written to /etc/dnsmasq.d/home.dns

# General configuration
domain-needed
bogus-priv
expand-hosts
read-ethers
domain=lan.minuk.net
dhcp-range=192.168.1.100,192.168.1.255,5m
dhcp-option=3,192.168.1.1

this allows dnsserver to

  • domain-needed – do not forward plain names w/o domain.
  • bogus-priv – reverse IP lookups from private IP range(192.168.x.x) not found in /etc/hosts or the DHCP lease file are kept from being forwarded.
  • expand-hosts – add domain to plain names(w/o the dot) in /etc/hosts.
  • read-ethers – use /etc/ethers file to define static IP assignments by MAC addresses
  • dhcp-range=192.168.1.100,192.168.1.255,5m – issue IPs from the 192.168.1.100 to 192.168.1.255 range, with the lease time of 5 minutes
  • dhcp-option=3,192.168.1.1 – have DHCP specify the router’s IP as the gateway(192.168.1.1 is the IP of my router)

One final step – I added a couple of static entries.  This turns out to be a multi step affair, for each entry;

  1. add a line to /etc/ethers in the form of <MAC> <IP>
  2. add a line to /etc/hosts in the form of <IP> <name>.<domain> <alias>

As an example, for my local gitlab server(MAC : AA:BB:CC:DD:EE:FF (looked up from the VM guest settings), IP : 192.168.1.110, name : gitlab);

In /etc/ethers file;

AA:BB:CC:DD:EE:FF 192.168.1.110

In /etc/hosts file;

192.168.1.110 gitlab.lan.minuk.net gitlab

 

With this set, I logged into my router and disabled the built-in DHCP.

Then restart dnsmasq service with the following command;

 pi@raspberrypi:~ $ sudo service dnsmasq restart

… and everything continued to work.  It was hard to tell if this worked or not, so restarted my gitlab guest VM and then dumped the contents of the lease file on dnsserver;

pi@raspberrypi:~ $ sudo cat /var/lib/misc/dnsmasq.leases

and then I saw an entry in the lease file;

1514777918 AA:BB:CC:DD:EE:FF 192.168.1.110 gitlab *

 

After all this, any client connected to my LAN can now access my local gitlab server by pointing a browser to http://gitlab.lan.minuk.net instead of http://192.168.1.110.  This makes it easier for network clients to be addressed – especially looking forward to it when I try bringing up VM guests that need to communicate with each other.

 

I gathered the information for this post from the following articles;

  1. https://carpie.net/articles/setting-up-a-home-network-dhcp-dns-server-with-dnsmasq
  2. http://www.graham.org/rpi-dns-dhcp.html
  3. http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

 

One Reply to “Raspberry Pi as a DNS/DHCP server”

  1. Pingback: Removing entry from DNS lease – Minuk.Net

Leave a Reply